Commit 2121b2ec authored by Matt Mackall's avatar Matt Mackall Committed by Linus Torvalds

[PATCH] random: overflow fix

Zwane reports an oops duie to add_entropy_words running off the top of the
stack reading its input.  The overrun is harmless until it causes a page
fault.

Looks like I introduced this bug in Aug 2003, but it was hard to trigger until
the recent changes.
Signed-off-by: default avatarMatt Mackall <mpm@selenic.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent c04f9ab5
...@@ -1322,7 +1322,7 @@ static inline void xfer_secondary_pool(struct entropy_store *r, ...@@ -1322,7 +1322,7 @@ static inline void xfer_secondary_pool(struct entropy_store *r,
bytes=extract_entropy(random_state, tmp, bytes, bytes=extract_entropy(random_state, tmp, bytes,
EXTRACT_ENTROPY_LIMIT); EXTRACT_ENTROPY_LIMIT);
add_entropy_words(r, tmp, bytes); add_entropy_words(r, tmp, (bytes + 3) / 4);
credit_entropy_store(r, bytes*8); credit_entropy_store(r, bytes*8);
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment